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(54) Mobile internet access 

(57) A method of enabling roaming of a mobile inte- 
rnet-access host (9) from a local area network (3) to a 
GSM network (6), each network having a home agent 
(HA) for routing internet datagrams between networks. 
The method comprises deregistering the mobile termi- 
nal (9) from said local area network (3) and registering 
it with the GSM network (6) and allocating to the mobile 
host (9) a new internet address in the GSM network (6). 



An internet security key is sent via the GSM Short Mes- 
sage Service from the local area network's home agent 
(HA) to the mobile terminal (9). The new internet ad- 
dress is transmitted, together with authentication data 
generated using the security key, via the internet (5) to 
the local area network's home agent (HA) which regis- 
ters that address as a care-of -address for the mobile 
host (9). 
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Description 

[0001] The present invention relates to mobile internet 
access and in particular to a method and apparatus tor 
sending a security key to a mobile host for use in internet 
access. 

[0002] Corporate users have traditionally accessed 
the internet from a fixed location within a Local Area Net- 
work (LAN), a user's LAN often being referred to as his 
■home" network (HN). The user interface to the internet 
is typically a personal computer (the "host"). As is illus- 
trated in Figure 1 , the home network is connected to an 
internet service provider which routes internet data, so- 
called -datagrams', between the home network and the 
internet, the internet in turn comprising other routers and 
service providers which route data to and from other 
foreign" networks (FN). 

[0003] In order to be able to transmit and receive da- 
tagrams to and from the internet, a host requires an in- 
ternet address. A corporate home network is typically 
allocated a set of internet addresses by a national au- 
thority and the home network can assign these either 
fixedly or dynamically to hosts attached to the home net- 
work (using for example the Dynamic Host Configura- 
tion Protocol DHCP). The allocated set of internet ad- 
dresses comprise a common prefix portion which iden- 
tifies the home network, whilst a suffix portion identifies 
the destination host. When a datagram is received by a 
home network, a router (R) of the home network polls 
the attached hosts to determine which host corresponds 
to the internet address conveyed with the datagram. The 
datagram is then forwarded by the router to the identified 
host. 

[0004] With the recent rapid advances in mobile com- 
munication technology, and in particular of wireless 
technologies, there has come a desire to gain internet 
access from mobile hosts or terminals, for example a 
laptop computer coupled to a cellular telephone. At 
present, this is available via certain digital telephone 
networks (e.g. GSM). As with conventional fixed line in- 
ternet access, a mobile host may have a fixedly or dy- 
namically assigned internet address, allocated by a 
service provider who is usually the cellular telephone 
network operator. In the case ol mobile internet access, 
a communication channel between the mobile host and 
the network is reserved for the duration of the call. Inte- 
rnet data destined for the mobile host is received by the 
network and is sent to the host over the reserved chan- 
nel. 

[0005] This system works satisfactorily whilst a mo- 
bile host remains within one homogeneous network. 
However, it does not provide for "roaming" between dif- 
ferent types of networks or between networks operated 
by different operators. When a mobile host "de-regis- 
ters" with one network and registers with a new network, 
there is no mechanism for forwarding internet data- 
grams: addressed to the old network, to the new network 
as the communication channel between the mobile host 



and the old network no longer exists. It is therefore nec- 
essary to open a new communication channel between 
the mobile host and the new network. All datagrams ad- 
dressed to the old network and not yet received by the 

6 mobile host are lost as a result ol this channel change. 
[0006] The desire for roaming is likely to increase in 
the near future as the provision of corporate wireless 
LANs becomes commonplace. A corporate user will 
have the opportunity to make wireless voice and data 

10 calls from a mobile terminaJ via the corporate LAN whilst 
he is inside the coverage area of that LAN. When the 
user leaves that area, he will then be able to connect to 
a digital cellular telephone network. In addition, so- 
called "hot-spot" LANs are likely to be provided in areas 

is where high data capacity is required, e.g. airports, shop- 
ping centres. In all probability, hot-spot LANs will be op- 
erated by the cellular network operators although they 
may of course be operated by the property owners 
themselves. 

20 [0007] A mobile internet access protocol which pro- 
vides for roaming is currently being standardised by the 
Internet Engineering Task Force (IETF). This protocol is 
known as RFC2002. A mobile internet protocol is also 
described in EP556012. These protocols make use of a 

zs "home agent", located in a mobile host's home network, 
to keep track of the host when it leaves the home net- 
work. A mobile host is fixedly allocated an internet ad- 
dress corresponding to the home network. 
[0008] When a mobile host is registered to its home 

30 network, the functionality of the network's home agent 
is off for that host (Le. the host is "deregistered" with the 
home agent) so that the home agent does not alter the 
flow of datagrams from the internet to the network's rout- 
er and the mobile host (as indicated by reference nu- 

35 meral 1 in Figure 2). When the mobile host leaves its 
home network and contacts a foreign network (FN), the 
host is registered with a foreign agent (FA) of that net- 
work. The foreign agent then transmits to the mobile 
host an internet address of the foreign agent, and the 

^0 mobile host in turn transmits the received internet ad- 
dress to the home network's home agent, together with 
a registration instruction. The home agent registers the 
new status of the mobile host and records the newly al- 
located internet address as a "care-of-address" for the 

4S host. Whenever the mobile host registers with a new for- 
eign network, a new care-of-address is sent to the home 
network's home agent to replace the previously regis- 
tered care-of-address. 

[0009] It wiil be appreciated that, as a mobile host has 
£0 a fixed internet address allocated to it, datagrams des- 
tined for the host will always be sent to the home net- 
work. If a mobile host has an active internet connection 
when it passes from its home network to a foreign net- 
work, and a datagram destined for the host subsequent- 
55 |y anives at the home network, the home agent deter- 
mines that the mobile host is registered with a foreign 
agent and forwards the datagrams to the registered 
care-ol -address. A communication channel will have 
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been reserved between the mobile host and the foreign 
agent, and the redirected datagram can be sent to the 
mobile host over this channel. Similarly, il a mobile host 
initiates a new internet access when registered with a 
foreign network, the host continues to use its allocated 
internet address. The home agent has already received 
the care-of-address and can again forward datagrams 
destined for the mobile host to the foreign agent for 
transfer to the host. 

[0010] In some cases, the foreign network may dy- 
namically assign an internet address to a visiting mobile 
host, e.g. if the foreign network does not have a foreign 
agent. This address is sent to the mobile host which in 
turn sends it to the home network's home agent as a 
care-of-address. Rather than just merely redirecting da- 
tagrams to the care-of-address, the home agent actually 
replaces the old internet address contained in the data- 
gram with the co-located care-of-address before re- 
transmitting the datagram. This particular form of care- 
of-address which identifies the mobile host as the "tun- 
nel" end-point for the redirected datagrams, rather than 
a foreign agent, is known as a •co-located care-of-ad- 
dress". It is noted however, that when the mobile host 
is accessing the internet via the foreign network, it still 
uses its fixedly allocated internet address. It will there- 
fore be appreciated that regardless of whether the home 
agent receives a care-of-address or a co-located care- 
of-address all datagrams directed to a mobile host pass 
through the home network's home agent (as indicated 
by reference numeral 2 in Figure 2). 
[0011] In a modification to the mobile internet access 
protocol described above, roaming of a mobile host from 
a home to a foreign network may be achieved by as- 
signing a new internet address, in said second network, 
to the mobile host when the host leaves the home net- 
work for the foreign network. This new address is then 
transmitted from the mobile host to the home network's 
home agent where the new address is registered as a 
care-of-address or co-located care-of-address for the 
mobile host. Datagrams addressed to the new internet 
address are sent directly to the mobile host via the for- 
eign network's "foreign" agent. On the other hand, dat- 
agrams addressed to an internet address previously as- 
signed to the mobile host in the home network are for- 
warded, using the registered care-of-address or co-lo- 
cated care-of-address, from that network's home agent 
to the mobile host via the foreign network's foreign 
agent. This protocol is described below with reference 
to Figure 3. 

[0012] Current proposals for mobile internet access 
protocols have in common the feature that a care-of-ad- 
dress (or co- located care-of-address) must be sent from 
a mobile host to the host's home network when the host 
registers with a foreign network. The care-of-address is 
sent via the internet, together with authentication data 
generated from an authentication key and the care-of- 
address itself (or some other component of the registra- 
tion message), where the secret authentication key is 



known to the mobile host and to the host's home net- 
work. A separate encryption key may also be used to 
encrypt other data sent between the mobile host and the 
home network. 

5 [0013] A problem with this approach is that the inte- 
rnet is not necessarily a secure network and it is possible 
for third parties to intercept internet traffic. If a third party 
can also determine the authentication/encryption key 
then it may be possible for them to decrypt intercepted 

10 data. It may also be possible for a third party to send a 
fal6e registration request and care-of-addres6 to a mo- 
bile host* s home network causing datagrams intended 
for that mobile host to be redirected to some other ter- 
minal. 

is [0014] . A possible way to improve security is to allo- 
cate new authentication/encrypt ion keys to a mobile 
host on a regular basis, e.g. every time the mobile host 
makes a new internet access request. However, as the 
new authentication/encryption key is sent via the inte- 

20 met, the possibility remains that each new key may be 
intercepted and determined. 

[001 5] It is an object of the present invention to over- 
come or at least mitigate the above noted disadvantag- 
es. In particular, it is an object of the present invention 
25 to provide for the secure transmission of security keys, 
fouuse in mobile internet access, between a mobile host 
and a home network of the mobile host, particularly 
when the mobile host is registered with a foreign net- 
work. 

30 [0016] These and other objects are met by sending 
security keys, from a mobile host's home network to the 
mobile host, using a point-to-point packet switched serv- 
ice of a cellular radio telephone network. 
[001 7] According to a first aspect of the present inven- 
ts tion there is provided a method of communicating data 
between a mobile host and a remote station over the 
internet, where both the mobile host and the remote sta- 
tion are registered with the same or different cellular ra- 
dio telephone networks, the method comprising the 
40 steps of: 

sending a security key, from the remote station to 
the mobile host, over the cellular radio telephone 
network(s) using a point-to-point packet switched 
45 service of the network(s); 

receiving said security key at the mobile host, and 
using the received key to ensure the security of sub- 
sequent data transmissions between the mobile 
host and the remote station over the internet. 

so 

[001 8] The present invention avoids the use of the in- 
ternet to distribute a security key to a mobile terminal. 
Furthermore, distribution is achieved using a cellular ra- 
dio telephone network messaging service which is in- 
55 herently more secure than the internet. 

[0019] In one embodiment of the present invention, 
the remote station is connected to a Local Area Network 
(LAN), the LAN being connected to the internet. The 



3 



5 



EP0944 203 A2 



6 



LAN is assigned as the home network of the mobile host, 
such that said remote terminal is the home agent ot the 
mobile host. In accordance with mobile internet protocol 
(Mobile IP), when the mobile host is registered with a 
cellular radio telephone network which provides access 
for the mobile host to the internet, a care-of-address is 
sent from the mobile host to the home agent over the 
internet. The present invention is advantageously used 
to secure the transmission of said care-of-address. 
However, the present invention may also be used to en- 
crypt and transmit other data between the mobile host 
and the home network. 

[0020] In other embodiments of the present invention, 
the remote host is the home agent of a cellular telephone 
network, and that home agent is the home agent ol the 
mobile host. 

[0021] Preferably, the or each cellular radio telephone 
network is a GSM network and said point-to-point pack- 
et switched service is that known as the Short Message 
Service (SMS). In other embodiments of the present in- 
vention, said point-to-point packet switched service may 
be an Unstructured Supplementary Data (USSD) serv- 
ice or may be provided by way of a packet data channel 
(e.g. in a General Packet Radio Service GPRS). 
[0022] Secu rity keys which may be distributed by way 
of the present invention include, for example, authenti- 
cation keys and encryption keys. 
[0023] According to a second aspect of the present 
invention there is provided data communication appa- 
ratus comprising: 

a mobile host arranged for connection to the internet 
and to a cellular radio telephone network and hav- 
ing first signal processing means for encrypting and 
decrypting data sent to and received from the inte- 
rnet; 

a remote station arranged for connection to the in- 
ternet and to a cellular radio telephone network, and 
having second signal processing means for secur- 
ing data sent to and received from the internet, the 
remote station further comprising means for provid- 
ing a security key and for sending the security key 
to the mobile host over the cellular radio telephone 
network(s) using a point-to-point packet switched 
service of the network(s); 

the mobile host further comprising means for re- 
ceiving said transmitted security key, wherein said 
security key may be used to secure subsequent da- 
ta transmissions between the mobile host and the 
remote station over the internet. 

[0024] For a better understanding of the present in- 
vention and in order to show how the same may be car- 
ried into effect reference will now be made, by way of 
example, to the accompanying drawings, in which: 

* Figure 1 illustrates schematically a fixed host inte- 
rnet access system; 



Figure 2 illustrates schematically a mobile host in- 
ternet access system; . 

Figure 3 illustrates schematically a modified mobile 
host internet access system which uses a cellular 
6 radio telephone network to distribute internet au- 
thentication keys; and 

Figure 4 illustrates a mobile host and a home agent 
of the system of Figure 3. 

10 [0025] As has already been described, Figures 1 and 
2 illustrate respectively, conventional fixed host and mo- 
bile host internet access systems. 
[0026] With reference to Figure 3, there is illustrated 
a wireless corporate LAN 3 in which a number of mobile 

1£ hosts are coupled to a common network home agent 
(HA) via a router (R). The corporate LAN is connected 
via one or more fixed land lines 4 to an internet service 
provider which provides connectivity and routing func- 
tions between the corporate LAN 3 and the internet 5. 

20 [0027] Whilst a mobile host is registered to the corpo- 
rate LAN 3, the host either has a fixed internet address 
or an address dynamically assigned by the router. In ei- 
ther case, the host's address is one of those assigned 
to the corporate LAN 3. The home address is attached 

25 to datagrams sent from the mobile host to the internet 5 
and enables return datagrams to be correctly delivered 
back to the home agent at the corporate LAN 3. 
[0026] Figure 3 also illustrates a GSM cellular tele- 
phone network 6 together with two so-called hot spot 

30 LANs 7,8. The GSM network 6 provides cellular tele- 
phone services to subscribers over a wide geographical 
area, encompassing the coverage area of the corporate 
LAN 3. The hot spot LANs 7,8 provide relatively high 
capacity telephone services over smaller, local areas 

35 which may overlap with that of the GSM network 6. In 
the present example, the GSM network 6 and the two 
hot spot LANs 7,8 are operated by the same operator. 
[0029] If a mobile host subscribing to the corporate 
LAN 3 and to the cellular telephone network 6 leaves 

40 the coverage area of (he corporate LAN and enters that 
of the cellular telephone network (either GSM or hot spot 
LAN), the host will deregister with the former whilst reg- 
istering with the latter. An example mobile host 9 is 
shown in Figure 3, registered to the GSM network 6. 

45 [0030] The home network's home agent is provided 
with a GSM terminal which enables the home agent to 
connect wirelessly to the GSM network 6. Whenever the 
mobile host 9 is turned on and registered to the GSM 
network 6, a request is sent from the mobile host 9 to 

so the home network's home agent for transmission of an 
internet authentication key. This request is made using 
the GSM network's Short Message Service (SMS) and 
transmission occurs via the GSM network's home agent 
and wireless channels 10,11 coupling the mobile host 9 

55 and the home network's home agent to the GSM net- 
work's home agent (illustrated in simplified form in Fig- 
ure 4). Upon receipt of the request, a signal processing 
unit 1 3 within the home network's home agent generates 



4 



7 



EP 0 944 203 A2 



e 



a unique authentication key and transmits this, again via 
SMS, to the mobile host 9 where it is received by a signal 
processing unit 14. SMS is an inherently secure way of 
distributing authentication keys as the source and des- 
tination of an SMS message are authenticated by the s 
GSM network 6. 

[0031] Upon registration with the GSM network 6, the 
network 6 assigns and transmits to the mobile host 9 a 
new internet address in that network. This new address 
is either one of a number of addresses allocated to the 10 
GSM network 6 and defining the home agent as the tun- 
nel end-point, or is dynamically assigned to the mobile 
host 9 (e.g. using DHCP) to define the mobile host 9 as 
the tunnel end-point. In either case, the new address 
replaces the internet address allocated to the host when is 
it was registered to the corporate LAN 3. Datagrams 
destined for the mobile host 9, and initiated via the GSM 
network 6, are now sent directly to the GSM network 
(see reference numeral 12 in Figure 3). 
[0032] In the case that a mobile host registers with 20 
one of the hot spot LANs 7,8, the mobile host is again 
allocated a care-of -address which identifies the GSM 
network's home agent as the tunnel end-point. The 
home agent additionally records forwarding information 
for the mobile host in the hot spot LAN so that received 25 
datagrams can be sent to the mobile host. An authenti- 
cation key is also sent to the mobile host via SMS. 
[0033] Whilst new datagrams will be directed to the 
mobile host 9 at the new internet address, some data- 
grams initiated using the old address in the corporate 30 
LAN 3 may still be in transit. A registration message is 
therefore transmitted, over the internet 5, from the mo- 
bile host 9 to the corporate LAN's home agent to register 
the mobile host's new internet address with the home 
agent (either as a care-of-address or as a co-located 35 
care-of -address). As the internet 5 is an inherently un- 
secure transmission medium, the registration request 
and the care-of-address are supplemented, at the mo- 
bile host 9, with "authentication" data. This is data gen- 
erated by a second signal processing unit 1 5 of the mo- 40 
bile host using a hash f unction applied to the received 
authentication key and the actual message data, i.e. 
authentication_data = hash_function(authentication_ 
key, message_data). A typical hash function is that 
known as MD5. Given that the home network's home *s 
agent knows the authentication key used by the mobile 
host 9, the home agent can authenticate the mobile host 
9 using the authentication key, and the received mes- 
sage and authentication data. 

[0034] If the corporate LAN 3 subsequently receives so 
datagrams destined for the mobile host 9, the corporate 
LAN's home agent determines that the mobile host 9 is 
now registered with a foreign network and it redirects 
the datagrams to the care-of-address or co-located 
care-of-address now registered for the mobile host 9. ss 
The GSM network's home agent receives these for- 
warded datagrams and redirects them to the mobile host 
9, either directly or via a foreign agent in a hot spot LAN. 



This redirection route is indicated in Figure 3 by refer- 
ence numeral 4. 

[0035] When the mobile host 9 moves between differ- 
ent "sub-networks" of the cellular telephone network, e. 
g. from the GSM network to a hot spot LAN, there is no 
need to update the care-of-address or co-located care- 
of-address at the corporate network's home agent. It is 
only necessary to update the location details of the mo- 
bile host at the<5SM network's home agent. 
[0036] On the mobile host 9 returning from the cellular 
telephone network to the corporate LAN, the process 
described above is repeated in reverse. The mobile host 
deregisters to the cellular telephone network and regis- 
ters with the corporate LAN. The mobile host sends its 
new internet address in the corporate LAN to the home 
agent of the GSM network as a care-of-address (or co- 
located care-of-address) for the mobile host. In order to 
ensure security, the new corporate LAN based internet 
address may be sent to the GSM network via an SMS 
message. 

[0037] It will be appreciated by a person of skill in the 
art that modifications may be made to the above de- 
scribed embodiment without departing from the scope 
of the present invention. For example, in the embodi- 
ment described above, the home agent of the mobile 
host 9 is the home agent of the corporate LAN 3. How- 
ever, the mobile host's home agent, i.e. the agent to 
which the care-of -addresses are sent, may be the home 
agent of any one of the networks, e.g. the home agent 
of the GSM network 6. 



Claims 

1 . A method of communicating data between a mobile 
host and a remote station over the internet, where 
both the mobile host and the remote station are reg- 
istered with the same or different cellular radio tel- 
ephone networks, the method comprising the steps 
of: 

sending a security key, from the remote station 
to the mobile host, over the cellular radio tele- 
phone network(s) using a point-to-point packet 
switched service of the network(s); 
receiving said security key at the mobile host, 
and using the received key to secure subse- 
quent data transmissions between the mobile 
host and the remote station over the internet. 

2. A method according to claim 1 , wherein the remote 
station is connected to a Local Area Network (LAN), 
the LAN being connected to the internet, and the 
mobile host is wirelessly connected to the internet 
via the mobile host's cellular radio telephone net- 
work. 

3. A method according to claim 2, wherein: 
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said LAN is assigned as the home network of 
the mobile host so that said remote terminal is 
the home agent of the mobile host; 
the mobile host is registered with a cellular ra- 
dio telephone network which provides access 5 
for the mobile host to the internet; and 
a care-of-address is sent from the mobile host 
to the home agent over the internet encrypted 
with said security key. 

10 

4. A method according to claim 1 , wherein the remote 
station is the home agent of a cellular telephone net- 
work. 

5. A method according to claim 4, wherein the remote is 
station is designated as the home agent of the mo- 
bile host, as defined by mobile internet protocol. 

6. A method according to any one of the preceding 
claims, wherein the or each cellular radio telephone 20 
network is a GSM network and said point-to-point 
packet switched service is the Short Message Serv- 
ice (SMS). 

7. Data communication apparatus comprising: *5 

a mobile host (9) arranged for connection to the 
internet (5) and to a cellular radio telephone 
network (6) and having first signal processing 
means (1 5) for encrypting and decrypting data 30 
sent to and received from the internet (9); 
a remote station (HA) arranged for connection 
to the internet (5) and to a cellular radio tele- 
phone network (6), and having second signal 
processing means (16) lor encrypting and de- 35 
crypting data sent to and received from the in- 
ternet, the remote station (HA) further compris- 
ing means for providing a security key (1 3) and 
for sending the security key to the mobile host 
(9) over the cellular radio telephone network(s) 40 
using a point-to-point packet switched service 
of the networks); 

the mobile host (9) further comprising means 
for receiving said transmitted security key (14), 
wherein said security key may be used to se- 45 
cure subsequent data transmissions between 
the mobile host (9) and the remote station (HA) 
over the internet (5). 
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